Buffer overflow in OpenSSH Challenge-response updated since 25.06.2002 Published: 08.01.2003 Source: BUGTRAQ SecurityVulns ID: 2114 Type: local Level: 10/10 Description: Integer overflow during challenge-response processing. Buffer overflow on large number of responses.
Affected: OPENSSH : OpenSSH 3.2 OPENSSH : openssh 3.4 OPENSSH : OpenSSH 3.5
Original document mmhs_(at)_hushmail.com , OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS (08.01.2003 )
Christophe Devine , OpenBSD 3.1 sshd remote root exploit (29.06.2002 )
Joe Testa , How to reproduce OpenSSH Overflow. (28.06.2002 )
OPENBSD , Revised OpenSSH Security Advisory (adv.iss) (27.06.2002 )
X-FORCE , ISS Advisory: OpenSSH Remote Challenge Vulnerability (27.06.2002 )
CERT , Advisory CA-2002-18 OpenSSH Vulnerabilities in Challenge Response (27.06.2002 )
SECURITEAM , [NEWS] Upcoming OpenSSH Vulnerability (Privileges Separation) (25.06.2002 )
ipfilter DoS Published: 08.01.2003 Source: BUGTRAQ SecurityVulns ID: 2519 Type: remote Level: 5/10 Description: TCP/ACK packet with invalid checksum causes connection to be treated as established.
Affected: IPFILTER : ipfilter 3.4
Original document Yiming Gong , ipfilter denial of service problem (08.01.2003 )
Buffer overflow in http fetcher Published: 08.01.2003 Source: BUGTRAQ SecurityVulns ID: 2520 Type: library Level: 5/10 Description: Buffer overflow in many functions.
Affected: HTTPFETCHER : http fetcher 1.0
Original document dong-h0un U , [INetCop Security Advisory] Buffer Overflow vulnerability in HTTP Fetcher Library. (08.01.2003 )
Multiple cgihtml bugs Published: 08.01.2003 Source: BUGTRAQ SecurityVulns ID: 2521 Type: library Level: 5/10 Description: Temporary files problem, Content-Length DoS, buffer overflows.
Affected: CGIHTML : CGIHTML 1.69
Original document Chris Leishman , Multiple cgihtml vulnerabilities (08.01.2003 )
Tanne formatstring bug Published: 08.01.2003 Source: BUGTRAQ SecurityVulns ID: 2522 Type: library Level: 5/10 Description: syslog() format string bug.
Affected: TANNE : tanne 0.6
Original document dong-h0un U , [INetCop Security Advisory] Remote format string vulnerability in Tanne. (08.01.2003 )
HSphere WebShell buffer overflow Published: 08.01.2003 Source: BUGTRAQ SecurityVulns ID: 2524 Type: remote Level: 5/10 Description: Buffer overflow in MIME boundary.
Affected: PSOFT : HSphere WebShell 2.4
Original document Carl Livitt , Remote root vuln in HSphere WebShell (08.01.2003 )
Communigate Pro directory traversal Published: 08.01.2003 Source: BUGTRAQ SecurityVulns ID: 2525 Type: remote Level: 6/10 Description: Web interface directory traversal.
Affected: STALKER : Communigate Pro 4.0
Original document G.P.de.Boer , Directory traversal bug in Communigate Pro 4's Webmail service (08.01.2003 )
Symbolic link problem in S-Plus Published: 08.01.2003 Source: BUGTRAQ SecurityVulns ID: 2526 Type: local Level: 5/10 Description: Multiple modules create temporary files with predictable names.
Affected: INSIGHTFUL : S-PLUS 6.0
Original document Paul Szabo , S-plus /tmp usage (08.01.2003 )
Unauthorized Longshine AP TFTP access Published: 08.01.2003 Source: BUGTRAQ SecurityVulns ID: 2527 Type: remote Level: 5/10 Description: TFTP access from WLAN interface allowed.
Affected: LONGSHINE : Longshine LCS-883R-AC-B
Original document Lukas Grunwald , Longshine WLAN Access-Point LCS-883R VU#310201 (08.01.2003 )
KaZaA cross-site access Published: 08.01.2003 Source: BUGTRAQ SecurityVulns ID: 2528 Type: client Level: 5/10 Description: All advertising is executed in the local zone.
Original document David Krum , KaZaA - Bad Zone (08.01.2003 )
CGI bugs updated since 08.01.2003 Published: 11.01.2003 Source: BUGTRAQ SecurityVulns ID: 2518 Type: remote Level: 5/10
Affected: MAMBO : Mambo Site Server 4.0 KELLISHAVER : S8Forum 3.0 DCPPORTAL : DCP-Portal 5.0 MYPHPNUKE : myPHPNuke 1.8 THENI : E-theni BOOKMARK4U : Bookmark4U 1.8 LBSTONE : Active PHP Bookmarks 1.1 GENEWEB : geneweb 4.06 URLOGY : a.shopKart
Original document Mindwarper , Mambo Site Server Remote Code Execution (11.01.2003 )
Ignacio Vazquez , a.shopKart Shopping Cart remote vulnerabilities (08.01.2003 )
DEBIAN , [SECURITY] [DSA 223-1] New geneweb packages fix information exposure (08.01.2003 )
Nasser.M.Sh , A security vulnerability in S8Forum (08.01.2003 )
itzhak_(at)_2500hz.net , Bookmar4U and Active PHP Bookmarks Vulnerabilities (08.01.2003 )
frog frog , E-theni (PHP) (08.01.2003 )
Mindwarper , phpmynuke css and phpinfo() vuls (08.01.2003 )
frog frog , DCP-Portal (PHP) (08.01.2003 )
Ethernet frame padding information leakage updated since 08.01.2003 Published: 13.10.2005 Source: VULNWATCH SecurityVulns ID: 2523 Type: m-i-t-m Level: 5/10 Description: Incorrect memory management means Ethernet frame padding bytes may contain sensitive information.
Affected: LINUX : kernel 2.4 LINUX : kernel 2.6 CVE: CVE-2003-0001 (Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.)